Designing a multiple level user permission system

2018-06-18 18:09:07

I am working on a site that has a database schema like a tree. From top to bottom I have:

One Company can have many

Locations that can have many

Fleets that can have many

Vehicles

The user permission system has to be flexible in that someone can gain or have restricted access at any level of the tree. For example, a person that manages location x will by default have full access to all fleets below location x and all vehicles below location x. But I should also be able to restrict the user's access to any node below location x.

What would be the proper way to develop a schema for a permission system such as this? Would it be realistic to store each node a user has access to even though it would be kind of redundant? The goal is for me to be able to easily run queries for example to get all locations a user has access to.

You might find a number of threads on SO interesting. Among them:

Implementing permissions based on reputation

Database schema for ACL

链接地址: http://www.djcxy.com/p/52868.html

上一篇: 麻烦导入所有执行分支到git仓库

下一篇: 设计一个多级用户权限系统